How family businesses can prepare for cybersecurity threats

In this episode of The Voice of Family Business on Capitol Hill, host Pat Soldano explores cyber attacks on family businesses with Bobby Stover and Dave Burg from Ernst & Young LLP. 

With cyber threats from increasingly sophisticated global syndicates on the rise, family businesses need to know what challenges to expect and what steps they can take to protect themselves. Guests Bobby Stover, EY Americas Family Enterprise and Family Office Leader, and Dave Burg, EY Americas Cybersecurity Leader, share key strategies for family businesses to prevent and mitigate these attacks.

Because their organizations often are more porous and lack dedicated cybersecurity personnel, family businesses are viewed as lucrative targets by cybercriminals. Threat actors today are going beyond ransomware threats, identifying valuable data and information that they can use to apply pressure and extort their victims. To prepare against cyber threats, Stover and Burg stress that continuous investment and ongoing cybersecurity assessments are critical. Companies should set aside about 10% of their IT budgets for cybersecurity. To reduce costs while investing in cyber readiness, family businesses can instead seek support from a managed security service. Despite possible inconveniences, family members need to operate within secure environments and have a well-prepared, rehearsed process in place to respond to a breach. The response should include a communication plan to comply with recent SEC mandates requiring swift disclosure of material cyber intrusions. By partnering with cybersecurity professionals and establishing robust response mechanisms, family businesses can minimize risks and effectively respond to cyber incidents.

Key takeaways:

  • Family businesses are attractive to cybercriminals because they often have less robust security measures in place.
  • A lack of cybersecurity investment can lead to serious risks, including cyber extortion.
  • Companies should allocate around 10% of their IT budgets to cybersecurity, but this amount can be cost prohibitive for family businesses. Partnering with managed security services can help.
  • Attackers are taking advantage of artificial intelligence (AI). But AI can also be harnessed to assist defenders.
  • Having a well-rehearsed business process to respond to incidents is essential for mitigating cyber threats.

Note: Dave Burg left the firm in March 2024.

Podcast

Podcast duration: 32 minutes, 41 seconds

Duration

1h 0m 0s